How to use AI to protect your organization from one of the most difficult to control and most significant sources of data loss
mxHERO has been innovating on corporate email for more than a decade. LLM AI presents a tectonic shift on the email security front not seen since the inception of email technology — a win for users and organizations who aim to protect their most valuable content. Although many AI-powered end-user tools are becoming available to help one compose an email, there are other, potentially more significant applications of AI for email. When AI is applied server-side to the real-time flow of email in and out of the organization, the benefits for corporate security, governance, and productivity are potentially astounding.
In mxHERO’s labs, we are testing the application of AI across a wide range of email scenarios. One of these areas is information security, specifically ensuring that sensitive files sent through email are adequately protected. One of email’s most pernicious problems is its lack of native protection for files sent as attachments. This problem is compounded by the rampant duplication inherent in email delivery and the fact that email is still the most common method of file sharing. [1, 2] AI can significantly reduce data leakage and exposure through email.
Whether confidential information is at risk of being inadvertently or maliciously sent outside the company’s secure network, mxHERO has tested how advanced AI technologies can scrutinize every email leaving the organization, ensuring the integrity and security of corporate communication.
Identifying Sensitive Information
mxHERO’s AI Mail2Cloud platform used AI to inspect the flow of email messages in real-time. The AI scans the content of emails, including attachments, in real-time, searching for patterns, keywords, and language associated with sensitive information. What is considered sensitive is definable through adjustments to the prompt, which external data sources can optionally feed, all natively orchestrated by mxHERO's platform. The AI tested recognized and categorized various types of sensitive information, such as personal identification numbers, financial details, confidential project data, language indicating confidentiality, and more. Furthermore, the AI could determine varying levels of confidentiality/sensitivity.
After analyzing the email and any attachments, AI fed the resulting assessment into Mail2Cloud to trigger specific actions based on the different levels of confidentiality. For example, one configuration moved attachments considered highly sensitive to the user’s cloud storage account. It replaced them with a link that would expire in 7 days and only allow the recipient to view the document (no download). A slightly less sensitive file received a different treatment. mxHERO AI moved less sensitive documents to cloud storage, but with a 30-day expiring link, downloads permitted. Any other files determined as non-confidential, the system sent unaltered as standard email attachments.
By integrating AI into the flow of emails, mxHERO is pioneering a proactive approach to data leakage prevention, ensuring that sensitive information remains secure and that corporate communication adheres to the highest standards of integrity and confidentiality without burdening end users with unwavering vigilance.